The enormous network of subcontract manufacturing available worldwide has made it possible for the smallest operations to get businesses based on electronic hardware off the ground. But it comes with a sting in the tail: the rise of grey- and black-market manufacturers who use the same networks to create counterfeit versions.
“Counterfeiters have become very big,” said Denis Farison, secure-solution marketing manager at . “Many are based in China but there are others around the world and in America who have a lot of manpower and money.”
Services such as satellite TV demonstrated how much money could be made by counterfeiting and lost by the service providers. The operators have worked hard over many years to fend off devices that are able to route around the encryption used to protect pay-TV channels.
As the Internet of Things (IoT) develops and business models move from conventional hardware sales to services, the number of exploits based on fake or compromised devices and subsystems seems set to rise.
“If you look at the typical use-cases for the IoT, it only works if you can trust the information that you are getting is coming from legitimate devices and has not been tampered with on the way to the cloud. The consequences can be dramatic if not,” explained Pim Tuyls, founder and CEO of Intrinsic ID. “Authentication is more important than encryption.”
However, the use of digital processing provides a potentially strong foundation for anti-counterfeiting strategies for both unconnected and connected devices. The big advantage that digital products have is that they can reasonably easily implement identifiers and the protocol needed to access them.
The simplest protocol is the kind recommended by the US Food and Drug Administration’s Unique Device Identification (UDI) standard for identifying medical devices. A one-time-programmable memory stores the codes and simply provides them in response to a scan. Such a scheme is also very easy to compromise. All the counterfeiter needs to do is copy individual serial numbers or, in more sophisticated attacks, scan a number of items and work out the pattern used to generate the codes in order to create believable fakes.
A sophisticated answer
Recognising they needed a more sophisticated answer to the counterfeiting and third-party refilling of cartridges, makers of inkjet printers were among the first to use digital protection techniques. Typically, the cartridges include a security chip that stores a private key inserted during manufacture. The chip uses this key and a one-way hash function, such as SHA-256, to sign its responses to random challenges issued by the printer. Random challenges make it almost impossible to use the replay attacks that afflict passive security tags. The printer only accepts messages that correspond to a list of valid keys that it uses to generate its own version of the response code.
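The exchange described above, as an added example that is not from the article or from any printer maker. It assumes the "signature" is an HMAC-SHA-256 of the challenge under the shared secret; `Respond` and `Printer` are hypothetical names, and the secret is a constructed value.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Respond is the cartridge chip: it returns HMAC-SHA-256(secret, challenge), never the secret.
func Respond(secret, challenge []byte) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write(challenge)
	return m.Sum(nil)
}

// Printer holds the list of valid secrets it uses to recompute the expected response.
type Printer struct{ valid [][]byte }

// NewChallenge draws a fresh 16-byte random value for each authentication attempt.
func (p Printer) NewChallenge() []byte {
	ch := make([]byte, 16)
	if _, err := rand.Read(ch); err != nil {
		panic(err)
	}
	return ch
}

// Verify recomputes the response for every valid secret and compares in constant time.
func (p Printer) Verify(challenge, response []byte) bool {
	for _, s := range p.valid {
		if hmac.Equal(Respond(s, challenge), response) {
			return true
		}
	}
	return false
}

func main() {
	secret := []byte("constructed-demo-secret") // constructed sample value
	p := Printer{[][]byte{secret}}
	c1 := p.NewChallenge()
	recorded := Respond(secret, c1) // what an eavesdropper on the contacts would capture
	fmt.Println("genuine accepted:", p.Verify(c1, recorded))
	fmt.Println("replay accepted:", p.Verify(p.NewChallenge(), recorded))
}
```

A recorded response is only valid for the challenge it answered, which is the property a static serial number read from one-time-programmable memory lacks.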
A potential problem with the shared secret is the possibility that it might be leaked, either during production by a manufacturer responsible for programming devices or by side-channel attacks and other types of reverse engineering.
Programming the secret in stages at different locations prevents leaking, but in recent years companies worried about counterfeiting have focused on making the stored codes unique. That makes protocols more complex, particularly for devices that cannot check a master database of valid IDs. But it is achievable through the use of public-key cryptography and the digital certificates that such protocols can create.
Tuyls points to a technique that combines a unique ID stored in a device with a digital certificate based on the OEM’s own private key. This makes it possible to issue challenges and judge responses as valid without needing a list of every valid unique ID. A counterfeiter cannot use the certificate in their own devices armed with their own batch of IDs without access to the keys used to generate the certificate.
The unique ID can be intrinsic to the device itself, which avoids the problem of keys leaking at the programming stage. Static RAMs, for example, suffer from random variation due to tiny differences in threshold voltage from transistor to transistor. When the device boots up, the memories will settle into initial states that reflect that variation and, with those random ones and zeroes, generate a characteristic pattern. This forms the basis of the physically unclonable function (PUF). With the right cryptographic infrastructure around it, the key provided by the PUF itself never leaves the device and cannot be obtained even by opening the device up, although hackers have inferred PUF keys from weak systems using side-channel attacks coupled to machine learning.
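How a stable key can come out of a noisy SRAM start-up pattern, as an added sketch that is not Intrinsic ID's or Maxim's design. It assumes a simulated chip, a 15-cell repetition code with public helper data (a simple code-offset construction), a 1-in-50 cell flip rate, and the hypothetical names `SRAM`, `Enroll` and `Reconstruct`.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"math/rand"
)

const rep, keyBits = 15, 128 // repetition length and secret size (assumed parameters)
// SRAM is one chip; its value seeds the fixed power-up preference of every cell.
type SRAM int64
var noise = rand.New(rand.NewSource(7)) // read noise, seeded so the demo is repeatable

// PowerUp returns a start-up pattern; a cell flips when the draw is 49 (probability 1/50).
func (s SRAM) PowerUp() []byte {
	pref, out := rand.New(rand.NewSource(int64(s))), make([]byte, rep*keyBits)
	for i := range out {
		out[i] = byte(pref.Intn(2)) ^ byte(noise.Intn(50)/49)
	}
	return out
}

// Enroll runs once at the factory: helper = pattern XOR repetition codeword of a secret.
func Enroll(s SRAM) ([]byte, [32]byte) {
	helper, secret := s.PowerUp(), make([]byte, keyBits)
	for i := range helper {
		if i%rep == 0 {
			secret[i/rep] = byte(noise.Intn(2)) // stand-in for an on-chip random source
		}
		helper[i] ^= secret[i/rep]
	}
	return helper, sha256.Sum256(secret)
}

// Reconstruct runs at every boot: majority-decode (pattern XOR helper) to the secret.
func Reconstruct(s SRAM, helper []byte) [32]byte {
	w, secret := s.PowerUp(), make([]byte, keyBits)
	for i := range w {
		secret[i/rep] += w[i] ^ helper[i] // count the ones in each 15-cell block
	}
	for j := range secret {
		secret[j] /= rep/2 + 1 // majority vote: 8 or more ones decode to 1
	}
	return sha256.Sum256(secret)
}

func main() {
	helper, key := Enroll(SRAM(1)) // chips 1 and 2 are constructed samples
	fmt.Println(Reconstruct(SRAM(1), helper) == key, Reconstruct(SRAM(2), helper) == key)
}
```

Only the helper data is stored; the key is recomputed from the silicon at each boot, and the same helper data on a different chip decodes to an unrelated key.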
“Counterfeiting is becoming a driving use-case for PUF,” Tuyls said. His company has licensed PUF intellectual property to a number of chipmakers. Other companies, such as Maxim Integrated, have built their own PUF technologies based on other semiconductor properties for use in products such as the ChipDNA line.
Although PUFs can form the basis of anti-counterfeiting for standalone systems, OEMs are now turning to the cloud in their attempts to stem counterfeiting.
According to Laurent Degauque, marketing director of ST’s secure-microcontroller division, “Most of the activity so far has been linked to unconnected devices. Our activity for unconnected devices is still very big and very important and it is still a growing business. But connected devices are in more of a ramping phase.”
For connected devices, it becomes possible to tie each product to a history stored in a server database. HP has extended the use of unique IDs to the packaging on its inkjet cartridge: customers in a shop can use a smartphone app to check the product against a server database. The communication lets vendors take action, with servers able to note if fake devices have turned up somewhere.
Tuyls said: “If it’s not a legitimate device you want to be able to revoke it so that it cannot enter the supply chain again: the device has to be blacklisted. To do that there has to be a lot of infrastructure in place.”
Farison warns OEMs should not be over-enthusiastic about revoking credentials. There are situations where clones or reconditioned products may be legal in a particular territory. They may fail an authentication check but still be usable. “It’s not always so obvious.” He adds that online connections may not always be present, so it can be important to have mechanisms that work for both unconnected and connected use-cases. “We have to take into account the fact that the product may not be able to connect.”
The most common mechanism for connected authentication is to rely on the same public-key infrastructure (PKI) as that used to tie on-device certificates to a stored unique ID.
Stéphane di Vito, senior principal member of technical staff in Maxim’s micros, security and software business unit, said: “PKI-based systems are spreading in IoT. The usual scheme is to create a unique private key in each device’s secure storage for the purpose of authenticating the device on a network. That private key, associated to a certified public key, makes the device unique, and capable of authenticating itself against a server.”
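The unique-ID-plus-certificate technique Tuyls points to earlier and the per-device private key with a certified public key described here, combined in one added example that is not code from any vendor quoted in the article. Ed25519, the `ID|key` certificate layout, the revocation map and all function names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Cert binds a unique ID to a device public key; Sig is the OEM's signature over ID|DevPub.
type Cert struct {
	ID     string
	DevPub ed25519.PublicKey
	Sig    []byte
}

// NewKey generates a key pair (the OEM's would live in an HSM, a device's in secure storage).
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func body(id string, pub ed25519.PublicKey) []byte { return append([]byte(id+"|"), pub...) }

// Provision is the factory step: create the device key pair and certify it as the OEM.
func Provision(oemPriv ed25519.PrivateKey, id string) (Cert, ed25519.PrivateKey) {
	pub, priv := NewKey()
	return Cert{id, pub, ed25519.Sign(oemPriv, body(id, pub))}, priv
}

// Respond runs inside the device: it signs the verifier's challenge.
func Respond(devPriv ed25519.PrivateKey, ch []byte) []byte { return ed25519.Sign(devPriv, ch) }

// Authenticate needs the OEM public key and a revocation list, not a list of valid IDs.
func Authenticate(oemPub ed25519.PublicKey, revoked map[string]bool, c Cert, ch, resp []byte) bool {
	if len(c.DevPub) != ed25519.PublicKeySize || revoked[c.ID] {
		return false
	}
	return ed25519.Verify(oemPub, body(c.ID, c.DevPub), c.Sig) && ed25519.Verify(c.DevPub, ch, resp)
}

func main() {
	oemPub, oemPriv := NewKey()
	cert, devPriv := Provision(oemPriv, "SN-0001") // constructed sample ID
	ch := []byte("constructed challenge")           // drawn at random per attempt in practice
	fmt.Println(Authenticate(oemPub, nil, cert, ch, Respond(devPriv, ch)))
}
```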
In IoT devices, PKI has become increasingly cost effective, Tuyls said. “With respect to ten years ago, chips have become much more powerful. Even a small, low-cost chip can run PKI now. And the silicon area needed for PUF has become very small. It’s even built into sensors now.”
Although the range of attacks that can be performed through counterfeit products and subsystems is expanding, the tools to combat them are becoming easier to implement.